Detection is only one piece of the cybersecurity puzzle in the complex environment that exists today.
As threat actors use open-source code, AI technologies, and multi-factor authentication (MFA) as weapons, security must be continuous and adaptive throughout a company’s whole digital ecosystem.
According to Toby Lewis, head of threat analysis at cybersecurity platform Darktrace, AI threat detection, or AI that “understands you,” is a crucial tool that may assist enterprises in protecting themselves.
He went on to say that the technology uses computational models to provide a baseline of what is “normal” for an organization. Then, it can recognize threats, whether they are unknown or well-known, and make “intelligent micro-decisions” on potentially suspicious behavior.
Cyberattacks have been too quick, frequent, and sophisticated, according to Lewis. A security team cannot be present everywhere, at all times, and in real time at scale.
Attackers are following data to the cloud and SaaS applications, as well as to a distributed infrastructure of endpoints — from mobile phones and IoT sensors to remotely-used computers. Acquisitions with vast new digital assets and integration of suppliers and partners also put today’s organizations at risk, it was said.
However, barriers to entry for would-be bad actors continue to lower, making cyber risks not just more prevalent. The increasing commercial accessibility of offensive cyber tools, which generate more and more “bedeviling” low-sophistication attacks on CISOs and security teams, is especially concerning.
It was said that cyber-crime is becoming discommoded as-a-service, giving threat actors packaged tools and systems that make it simpler for them to start their own businesses.
Protecting ‘sprawling’ digital landscapes
Attackers are tracking data to SaaS applications, the cloud, and a dispersed infrastructure of endpoints, including mobile devices, IoT sensors, and remotely accessible desktops. Today’s firms are also at risk from acquisitions involving significant new digital assets and from integrating suppliers and partners, according to Lewis.
However, barriers to entry for would-be bad actors continue to lower, making cyber risks not just more prevalent. The increasing commercial accessibility of offensive cyber tools, which generate more and more “bedeviling” low-sophistication attacks on CISOs and security teams, is especially concerning.
AI heavy lifting
AI threat detection can be useful in this situation. AI is essential to defend businesses from threats. The large volume of data, devices and other digital assets under the control of a company may be scaled and covered by AI thanks to its always-on, continual learning capability, regardless of where they are situated.
AI models have typically concentrated on current signature-based techniques. However, as attackers swiftly alter their strategies, the signatures of known assaults quickly become out of date. When dealing with more recent threats or “major changes in trade-craft by known attackers,” relying solely on historical data and past behavior is less effective.
Using AI to fight AI
Beginning in 2013, Darktrace used mathematical models of Bayesian inference to identify typical behavioral patterns and departures from them. The business currently has more than 100 issued and pending patents from its R&D facility in The Hague and AI Research Center in the UK.
It was said that Darktrace’s teams of mathematicians and other diverse professionals are always looking for ways to use AI and mathematics to address cyber issues.
